: GlobalProtect Portals Agent HIP Data Collection Tab
Focus
Focus

GlobalProtect Portals Agent HIP Data Collection Tab

Table of Contents
End-of-Life (EoL)

GlobalProtect Portals Agent HIP Data Collection Tab

  • Network
    GlobalProtect
    Portals
    <portal-config>
    Agent
    <agent-config>
    HIP Data Collection
Select the
HIP Data Collection
tab to define the data that the app collects from the endpoint in the HIP report:
GlobalProtect HIP Data Collection Configuration Settings
Description
Collect HIP Data
Clear this option to prevent the app from collecting and sending HIP data.
Enable GlobalProtect to collect HIP data for HIP-based policy enforcement, so the firewall can match HIP data from endpoints against the HIP objects and/or HIP profiles you define and then apply the appropriate policy.
Max Wait Time (sec)
Specify how many seconds the app should search for HIP data before submitting the available data (range is 10-60; default is 20).
Certificate Profile
Select the certificate profile that the GlobalProtect portal uses to match the machine certificate sent by the GlobalProtect app.
Exclude Categories
Select
Exclude Categories
to specify the host information categories for which you do not want the app to collect HIP data. Select a
Category
(such as data-loss-prevention) to exclude from HIP collection. After selecting a category, you can
Add
a particular Vendor and, then, you can
Add
specific products from the vendor to further refine the exclusion as needed. Click
OK
to save settings in each dialog.
Custom Checks
Select
Custom Checks
to define custom host information you want the app to collect. For example, if you have any required applications that are not included in the Vendor or Product lists for creating HIP objects, you can create a custom check to determine whether that application is installed (it has a corresponding Windows registry or Mac plist key) or is currently running (has a corresponding running process):
  • Windows
    Add
    a check for a particular registry key or key value.
  • Mac
    Add
    a check for particular plist key or key value.
  • Process List
    Add
    the processes you want to check for on user endpoints to see if they are running. For example, to determine whether a software application is running, add the name of the executable file to the process list. You can add a process to the
    Windows
    tab, the
    Mac
    tab, or both.

Recommended For You